Information System Security

1
Information System Security

• Lecture 2
• Classical Cryptography

2
Outline

• Basic mathematical concepts
• Cipher systems
• Historical ciphers
• Transposition ciphers
• Substitution ciphers
• Product ciphers

3
Basic Mathematical Concepts

• A function (or transformation) is defined on 2
  sets X and Y and a rule f which assigns to each
  element in X one element in Y.
• A function f is injective if each element in Y
  is the image of at most one element in X
• A function f is surjective if each element in Y
  is the image of at least one element in X
• A function f is bijective if it is injective and
  surjective

4
Basic Mathematical Concepts

• Inverse function if f is bijective from X to Y,
• The inverse function of f is g fromY to X
  g(y)x and f(x)y
• g(f(x)) x
• g is the denoted
• One-way function a function f from X to Y where
  for each x?X its easy to compute f(x) but its
  difficult (computationally infeasible) to compute
  x?X such that yf(x)
• A permutation p on S is a bijection from S to
  itself
• S is finite set of elements
• Since p is bijective then p has an inverse
• Involutions a bijective function is called an
  involution if

5
Cipher system

• Encryption domains and codomains
• A denotes a finite set called alphabet of
  definition.
• Example A o,1
• M denotes a set called message space.
• M consists of strings of symbols from an alphabet
  of definition
• An element of M is called a plaintext message (or
  a plaintext)
• Example M may consist of binary strings, English
  text, etc.
• C denotes a set called ciphertext space.
• C consists of strings of symbols from an alphabet
  definition
• C may differ from the alphabet of definition for
  M
• An element of M is called a ciphertext

6
Cipher system

• Encryption and decryption transformations
• K denotes a set called the key space, an element
  of K is called a key
• Each e ? K uniquely determines a bijection from M
  to C, denoted by (called encryption function
  or encryption transformation)
• must be a bijection if the process to be
  reversed and a unique plaintext recovered from
  each distinct ciphertext
• Each d ? K, (decryption function or
  decryption transformation) denotes a bijection
  from C to M
• The process of applying the transformation
  to a plaintext m ? M, is referred to as the
  encryption of m
• The process of applying the transformation
  to a ciphertext c ? C, is referred to as
  decryption of c

7
Cipher system

• An encryption scheme consists of (in addition to
  M,C,K)
• A set of encryption
  transformations
• A correspondent set of
  decryption transformations with the property that
  for each e ? K there is a unique key d ?K such
  that
• An encryption scheme is also referred to as a
  cipher
• e and d are referred to as a key pair denoted by
  (e,d)
• Encryption achieves Confidentiality

8
Example

• Trivial shift cipher (M, C, K, E, D)
• M sequences of letters
• C M
• K i i is an integer and 0 i 25
• E Ek k ? K and for all letters m,
• Ek(m) (m k) mod 26
• D Dk k ? K and for all letters c,
• Dk(c) (26 c k) mod 26
• Example

9
Example

• Let k 9, m VELVET (21 4 11 21 4 19)
• Ek(m) (m k) mod 26
• (30 13 20 30 13 28) mod 26
• 4 13 20 4 13 2 ENUENC
• Dk(c) (26 c k) mod 26
• (21 30 37 21 30 19) mod 26
• 21 4 11 21 4 19 VELVET

10
Historical Ciphers

• Please note that all the ciphers in this unit
  are
• Created prior to the 2nd half of the 20th century
  
• Symmetric
• Operate on alphabetic characters
• Are not suitable for general modern use
• However, they allow us to
• Illustrate basic principles and common pitfalls
• Historical (classical) cryptography
• Two basic types
• Transposition ciphers
• Substitution ciphers
• Product ciphers
• Combinations of the two basic types

11
Transposition Ciphers

• A simple transposition cipher with fixed period
  t
• Consists of grouping the plaintext into blocks of
  t characters, and applying to each block a single
  permutation e on the numbers 1 through t.
• Decryption consists of the permutation d which
  inverts e
• simple transposition cipher rearrange letters in
  plaintext to produce ciphertext
• Example
• m CAESAR, t6
• e (6 4 1 3 5 2) gt c RSCEAA
• d (3 6 4 2 5 1)
• Compound transposition is a sequential
  composition of 2 or more simple transpositions
  with respective periods t1, ,ti ltgt simple
  transposition of period t lcm(t1,,ti)

12
Transposition Ciphers

• A simple transposition cipher with fixed period
  t,
• K is the set of all permutations on 1,2, ,t
• For each e ? K, the encryption function Ee is
  defined as follows
• // m(m1,
  ,mt) ? M, the message space
• The decryption key // the inverse
  permutation of e
• To decrypt the message c(c1,...,c2), compute

13
Attacks

• Ciphertext only
• adversary has only c
• goal is to find plaintext, possibly key
• Known plaintext
• adversary has m, c
• goal is to find k
• Chosen plaintext
• adversary may gets a specific plaintext
  enciphered
• goal is to find key

14
Basis for Cryptanalysis

• Cryptanalysis of classical ciphers relies on
  redundancy in the source language (plaintext)
• E appears far more frequently than Z
• Q is followed by U
• TH is a common digram
• Repeated letters in pattern words (e.g., three,
  soon, etc.)
• Its called statistical attacks, i.e., based on
  language statistics
• Brute force (exhaustive search) Tries all
  possible keys on a piece of ciphertext
• If the number of keys is small, then its easy to
  break the encryption

15
English letter frequency ()

• Letter frequency Letter frequency Letter freque
  ncy
• A 8.04 B 1.54 C 3.06
• D 3.99 E 12.51 F 2.30
• G 1.96 H 5.49 I 7.26
• J 0.16 K 0.67 L 4.14
• M 2.53 N 7.09 O 7.60
• P 2.00 Q 0.11 R 6.12
• S 6.54 T 9.25 U 2.71
• V 0.99 W 1.92 X 0.19
• Y 1.73 Z 0.09

16
Frequency of digrams in English text ()

• di-gram frequency di-gram frequency
• AN 1.81 ON 1.83
• AT 1.51 OR 1.28
• ED 1.32 RE 1.90
• EN 1.53 ST 1.22
• ER 2.31 TE 1.30
• ES 1.36 TH 3.21
• HE 3.05 TI 1.28
• IN 2.30

17
Attacking Transposition Ciphers

• Simple transposition cipher alter dependencies
  between consecutive characters, but
• Preserves the frequency distribution of each
  letter
• Anagramming
• If 1-gram frequencies match English frequencies,
  but other n-gram frequencies do not, probably
  transposition
• Rearrange letters to form n-grams (1st digram
  then trigram) with highest frequencies

18
Attacking Transposition Ciphers

• Example
• Plaintext is HELLO WORLD
• Encryption key is e(1 3 5 7 4 2 9 6 8 10)
• Ciphertext is HLOOL ELWRD
• Frequencies of 2-grams beginning with H
• HE 0.0305
• HO 0.0043
• HL, HW, HR, HD lt 0.0010
• Frequencies of 2-grams ending in H
• WH 0.0026
• EH, LH, OH, RH, DH 0.0002
• Implies E follows H

19
Substitution Ciphers

• Simple substitution cipher
  
• A plaintext and ciphertext character sets
• K is the set of all permutations on A
• M m m1,m2, ...
• For each e ? K, the encryption function is
  defined as follows
• // the character to which mi
  is mapped by e
• The decryption key // the inverse
  permutation of e
• To decrypt the message c(c1,...,c2), compute

20
Substitution Ciphers

• Simple substitution cipher changes letters in
  plaintext to produce ciphertext
• Simple substitution cipher is called also
  mono-alphabetic substitution
• Example - Cæsar cipher (Trivial shift cipher with
  k 3)
• Plaintext is HELLO WORLD
• Key is 3, usually written as letter D
• Ciphertext is KHOOR ZRUOG

21
Attacking simple substitution ciphers

• Brute Force Exhaustive search
• If the key space is small enough, try all
  possible keys until you find the right one
• The key space of simple substitution on English
  alphabet (26 letters) is 26! 4 x 1026 (400
  000 000 000 000 000 000 000 000)
• Cæsar cipher has 26 possible keys
• Statistical analysis
• Simple substitution cipher alter the frequency of
  the individual plaintext characters, but
• Doesnt alter the frequency distribution of the
  overall character set
• Thus, letter frequency analysis helps breaking
  the cipher

22
Attacking simple substitution ciphers

• Ciphertext KHOOR ZRUOG (KHOOR ZRUOG)
• Compute frequency of each letter in ciphertext
• G 0.1 H 0.1 K 0.1 O 0.3
• R 0.2 U 0.1 Z 0.1
• Apply 1-gram model of English
• Conclusion
• Simple substitution ciphers are easy to recognize
  and analyze
• How to improve simple substitution ciphers? In
  other words, how to defeat letter frequency
  analysis?
• Polygram ciphers Playfair cipher
• Polyalphabetic substitution ciphers Vigenere
  cipher

23
Polygram substitution ciphers

• Simple substitution cipher substitutes one
  character by other character
• Polygram substitution cipher substitutes groups
  of characters by other groups of characters
• Examples
• Sequences of 2 plaintext characters (digrams) may
  be replaced by other digrams
• Sequences of 3 plaintext characters (trigrams)
  may be replaced by other trigrams
• Playfair cipher is an example of polygram
  substitution ciphers

24
Playfair cipher

• The Playfair Cipher operates on digrams (pairs of
  letters)
• The key is a 5x5 square consisting of every
  letter except J.
• Before encrypting, the plaintext must be
  transformed
• Replace all Js with Is
• Write the plaintext in pairs of letters
• separating any identical pairs by Z
• If the number of letters is odd, add a Z to the
  end

25
Playfair cipher

• If two plaintext letters lie in the same row then
  replace each letter by the one on its right in
  the key square
• If two plaintext letters lie in the same column
  then replace each letter by the one below it in
  the key square
• Else, replace
• First letter by letter in row of first letter and
  column of second letter in the key square
• Second letter by letter in column of first letter
  and row of second letter in the key square

26
Playfair cipher Example
GLOW WORM
GL OW WO RM
IK WT TW EO
27
Attacking Playfair cipher

• Playfiar cipher alters the frequency of the
  individual plaintext characters and alters the
  frequency distribution of the overall character
  set because each letter may be replaced by other.
• However, digram frequency analysis helps breaking
  the cipher

28
Polyalphabetic substitution cipher

• Polyalphabetic substitution cipher is a block
  cipher with block length t over an alphabet A
• The key space consists of all ordered sets of t
  permutation (p1, ..,pt), where each pi is defined
  on the set A
• Encryption the message m(m1,,mt) under the key
  e(p1,,pt) is given by
• The decryption key associated with e is
• Example Vigenère cipher

29
Vigenère cipher

• AA,,Z
• t3
• e(p1,p2,p3) encryption key
• p1 maps each letter to the letter 3 positions to
  its right in A
• P2 maps each letter to the letter 7 positions to
  its right in A
• P3 maps each letter to the letter 10 positions
  to its right in A
• This means that e CHK
• m THI SCI PHE RIS CER RAI NLY NOT SEC
  URE
• c WOS VJS SOO UPC FLB WHS QSI
  QVD VLM XYO

30
Attacking Vigenère cipher

• Doesnt preserve symbol frequencies
• In the example E is encrypted to O and L
• However, its not significantly more difficult to
  cryptanalyze
• The approach
• determine the period t (i.e., key length)
• Ciphertext can be divided into t groups (group i
  consists of those ciphertext letters derived
  using permutation pi )
• Letter frequency analysis to be done on each
  group

31
Product ciphers

• Simple transposition and substitution dont
  provide a very high level of security
• product cipher is a combination of many
  transformations (transposition and substitution )
• product ciphers are a way to obtain strong
  ciphers
• Well call a round a composition of a
  substitution and a transposition.

32
Questions?